[gruntmaster-daemon.git] / gruntmaster-exec

#!/usr/bin/perl
use v5.14;
use strict;
use warnings;

use constant +{
	# Accepted
	AC => 0,

	# Internal server error
	ERR => -1,

	# All other errors
	WA => 1,
	NZX => 2,
	TLE => 3,
	OLE => 4,
	DIED => 5,
	REJ => 10,
};
# These constants are changed by ex/makevm
use constant USER => 65534;
use constant GROUP => 65534;

use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE RLIMIT_NPROC/;
use IPC::Signal qw/sig_name sig_num/;
use sigtrap qw/XFSZ/;

use Getopt::Long;
use POSIX qw//;
use Text::ParseWords qw/shellwords/;
use Time::HiRes qw/alarm/;

my (@fds, $timeout, $mlimit, $olimit, $nobody);
my $close = 1;

GetOptions(
	"fd=s"      => \@fds,
	"timeout=f" => \$timeout,
	"mlimit=i"  => \$mlimit,
	"olimit=i"  => \$olimit,
	"close!"    => \$close,
	"nobody!"   => \$nobody,
);

my $killuser = $ENV{GRUNTMASTER_KILL_USER};
my @sudo;
@sudo = (shellwords ($ENV{GRUNTMASTER_SUDO}), '--') if $ENV{GRUNTMASTER_SUDO} && $nobody;
$mlimit = 1_000_000_000 if @sudo; # sudo wants a lot of address space

my $ret = fork // die 'Cannot fork';
if ($ret) {
	my $tle;
	local $SIG{ALRM} = sub {
		if ($killuser) {
			system @sudo, 'pkill', '-KILL', '-u', $killuser;
		} else {
			kill KILL => $ret
		}
		$tle = 1
	};
	alarm ($timeout || 5);
	waitpid $ret, 0;
	alarm 0;
	if (@sudo) {
		$? = $? >> 8;
		$? = $? < 128 ? ($? << 8) : $? - 128;
	}
	my $sig = $? & 127;
	my $signame = sig_name $sig;
	exit !say TLE,  "\nTime Limit Exceeded"   if $tle;
	exit !say OLE,  "\nOutput Limit Exceeded" if $sig && $signame eq 'XFSZ';
	exit !say DIED, "\nCrash (SIG$signame)"   if $sig && $signame ne 'PIPE';
	exit !say NZX,  "\nNon-zero exit status: " . ($? >> 8) if $? >> 8;
	exit !say AC,   "\nAll OK";
} else {
	$^F = 50;
	if ($close) {
		POSIX::close $_ for 0 .. $^F;
	}
	for my $fdstring (@fds) {
		my ($fd, $file) = split ' ', $fdstring, 2;
		open my $fh, $file or die $!;
		my $oldfd = fileno $fh;
		if ($oldfd != $fd) {
			POSIX::dup2 $oldfd, $fd or die $!;
			POSIX::close $oldfd or die $!;
		}
	}
	my $nproc = $killuser ? 5 : 1;
	%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
	setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
	setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
	setrlimit RLIMIT_NPROC, $nproc, $nproc or die $! if $nobody;
	POSIX::setgid $nobody ? 65534 : USER;
	POSIX::setuid $nobody ? 65534 : GROUP;
	unshift @ARGV, @sudo;
	say STDERR "Execing: ", join ' ', map { "'$_'" } @ARGV;
	exec @ARGV;
}

1;
__END__

=encoding utf-8

=head1 NAME

gruntmaster-exec - Gruntmaster 6000 executor

=head1 SYNOPSIS

  gruntmaster-exec 20000000 111 echo 'Hello, world!'

=head1 DESCRIPTION

gruntmaster-exec is the script used by gruntmasterd to run programs.

The first argument is the address space limit (in bytes), the second argument is the output limit (also in bytes). The rest of the arguments are the command that should be run and its arguments.

gruntmaster-exec sets the resource limits, cleans the environment (except for PATH and HOME), adds the ONLINE_JUDGE environment variable with value 1, and finally C<exec>s the given command.

=head1 AUTHOR

Marius Gavrilescu E<lt>marius@ieval.roE<gt>

=head1 COPYRIGHT AND LICENSE

Copyright (C) 2014 by Marius Gavrilescu

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
Commit	Line	Data
c40a2dd0	1	#!/usr/bin/perl
da905f9e MG	2	use v5.14;
da905f9e MG	3	use strict;
c40a2dd0	4	use warnings;
da905f9e	5
c40a2dd0 MG	6	use constant +{
	7	# Accepted
	8	AC => 0,
da905f9e	9
c40a2dd0 MG	10	# Internal server error
c40a2dd0 MG	11	ERR => -1,
da905f9e	12
c40a2dd0 MG	13	# All other errors
	14	WA => 1,
	15	NZX => 2,
	16	TLE => 3,
	17	OLE => 4,
	18	DIED => 5,
	19	REJ => 10,
	20	};
4e08f696 MG	21	# These constants are changed by ex/makevm
	22	use constant USER => 65534;
	23	use constant GROUP => 65534;
50cdf3cb	24
a6b04042	25	use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE RLIMIT_NPROC/;
c40a2dd0 MG	26	use IPC::Signal qw/sig_name sig_num/;
c40a2dd0 MG	27	use sigtrap qw/XFSZ/;
69c25408	28
c40a2dd0 MG	29	use Getopt::Long;
c40a2dd0 MG	30	use POSIX qw//;
65ab2558	31	use Text::ParseWords qw/shellwords/;
c40a2dd0 MG	32	use Time::HiRes qw/alarm/;
c40a2dd0 MG	33
4e08f696	34	my (@fds, $timeout, $mlimit, $olimit, $nobody);
1fe52cde MG	35	my $close = 1;
1fe52cde MG	36
c40a2dd0 MG	37	GetOptions(
	38	"fd=s" => \@fds,
	39	"timeout=f" => \$timeout,
	40	"mlimit=i" => \$mlimit,
	41	"olimit=i" => \$olimit,
1fe52cde	42	"close!" => \$close,
4e08f696	43	"nobody!" => \$nobody,
c40a2dd0 MG	44	);
c40a2dd0 MG	45
65ab2558 MG	46	my $killuser = $ENV{GRUNTMASTER_KILL_USER};
65ab2558 MG	47	my @sudo;
1e5f2b8b	48	@sudo = (shellwords ($ENV{GRUNTMASTER_SUDO}), '--') if $ENV{GRUNTMASTER_SUDO} && $nobody;
65ab2558 MG	49	$mlimit = 1_000_000_000 if @sudo; # sudo wants a lot of address space
65ab2558 MG	50
c40a2dd0 MG	51	my $ret = fork // die 'Cannot fork';
	52	if ($ret) {
	53	my $tle;
65ab2558 MG	54	local $SIG{ALRM} = sub {
	55	if ($killuser) {
	56	system @sudo, 'pkill', '-KILL', '-u', $killuser;
	57	} else {
	58	kill KILL => $ret
	59	}
	60	$tle = 1
	61	};
c40a2dd0 MG	62	alarm ($timeout \|\| 5);
	63	waitpid $ret, 0;
	64	alarm 0;
65ab2558 MG	65	if (@sudo) {
	66	$? = $? >> 8;
	67	$? = $? < 128 ? ($? << 8) : $? - 128;
	68	}
c40a2dd0 MG	69	my $sig = $? & 127;
	70	my $signame = sig_name $sig;
	71	exit !say TLE, "\nTime Limit Exceeded" if $tle;
	72	exit !say OLE, "\nOutput Limit Exceeded" if $sig && $signame eq 'XFSZ';
	73	exit !say DIED, "\nCrash (SIG$signame)" if $sig && $signame ne 'PIPE';
	74	exit !say NZX, "\nNon-zero exit status: " . ($? >> 8) if $? >> 8;
	75	exit !say AC, "\nAll OK";
	76	} else {
	77	$^F = 50;
1fe52cde MG	78	if ($close) {
	79	POSIX::close $_ for 0 .. $^F;
	80	}
c40a2dd0 MG	81	for my $fdstring (@fds) {
	82	my ($fd, $file) = split ' ', $fdstring, 2;
	83	open my $fh, $file or die $!;
	84	my $oldfd = fileno $fh;
	85	if ($oldfd != $fd) {
	86	POSIX::dup2 $oldfd, $fd or die $!;
	87	POSIX::close $oldfd or die $!;
	88	}
	89	}
65ab2558	90	my $nproc = $killuser ? 5 : 1;
c40a2dd0 MG	91	%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
	92	setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
	93	setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
65ab2558	94	setrlimit RLIMIT_NPROC, $nproc, $nproc or die $! if $nobody;
4e08f696 MG	95	POSIX::setgid $nobody ? 65534 : USER;
4e08f696 MG	96	POSIX::setuid $nobody ? 65534 : GROUP;
1e5f2b8b MG	97	unshift @ARGV, @sudo;
1e5f2b8b MG	98	say STDERR "Execing: ", join ' ', map { "'$_'" } @ARGV;
c40a2dd0 MG	99	exec @ARGV;
	100	}
	101
	102	1;
69c25408 MG	103	__END__
	104
	105	=encoding utf-8
	106
	107	=head1 NAME
	108
	109	gruntmaster-exec - Gruntmaster 6000 executor
	110
	111	=head1 SYNOPSIS
	112
	113	gruntmaster-exec 20000000 111 echo 'Hello, world!'
	114
	115	=head1 DESCRIPTION
	116
	117	gruntmaster-exec is the script used by gruntmasterd to run programs.
	118
	119	The first argument is the address space limit (in bytes), the second argument is the output limit (also in bytes). The rest of the arguments are the command that should be run and its arguments.
	120
	121	gruntmaster-exec sets the resource limits, cleans the environment (except for PATH and HOME), adds the ONLINE_JUDGE environment variable with value 1, and finally C<exec>s the given command.
	122
	123	=head1 AUTHOR
	124
	125	Marius Gavrilescu E<lt>marius@ieval.roE<gt>
	126
	127	=head1 COPYRIGHT AND LICENSE
	128
	129	Copyright (C) 2014 by Marius Gavrilescu
	130
	131	This program is free software: you can redistribute it and/or modify
	132	it under the terms of the GNU Affero General Public License as published by
	133	the Free Software Foundation, either version 3 of the License, or
	134	(at your option) any later version.